45
44
import gnutls.library.functions
46
45
import gnutls.library.constants
47
46
import gnutls.library.types
48
import ConfigParser as configparser
57
57
import logging.handlers
63
import cPickle as pickle
64
import multiprocessing
73
62
from dbus.mainloop.glib import DBusGMainLoop
76
import xml.dom.minidom
81
SO_BINDTODEVICE = socket.SO_BINDTODEVICE
82
except AttributeError:
84
from IN import SO_BINDTODEVICE
86
SO_BINDTODEVICE = None
90
stored_state_file = "clients.pickle"
92
logger = logging.getLogger()
93
syslogger = (logging.handlers.SysLogHandler
94
(facility = logging.handlers.SysLogHandler.LOG_DAEMON,
95
address = str("/dev/log")))
98
if_nametoindex = (ctypes.cdll.LoadLibrary
99
(ctypes.util.find_library("c"))
101
except (OSError, AttributeError):
102
def if_nametoindex(interface):
103
"Get an interface index the hard way, i.e. using fcntl()"
104
SIOCGIFINDEX = 0x8933 # From /usr/include/linux/sockios.h
105
with contextlib.closing(socket.socket()) as s:
106
ifreq = fcntl.ioctl(s, SIOCGIFINDEX,
107
struct.pack(str("16s16x"),
109
interface_index = struct.unpack(str("I"),
111
return interface_index
114
def initlogger(level=logging.WARNING):
115
"""init logger and add loglevel"""
117
syslogger.setFormatter(logging.Formatter
118
('Mandos [%(process)d]: %(levelname)s:'
120
logger.addHandler(syslogger)
122
console = logging.StreamHandler()
123
console.setFormatter(logging.Formatter('%(asctime)s %(name)s'
127
logger.addHandler(console)
128
logger.setLevel(level)
131
class CryptoError(Exception):
135
class Crypto(object):
136
"""A simple class for OpenPGP symmetric encryption & decryption"""
138
self.gnupg = GnuPGInterface.GnuPG()
139
self.tempdir = tempfile.mkdtemp(prefix="mandos-")
140
self.gnupg = GnuPGInterface.GnuPG()
141
self.gnupg.options.meta_interactive = False
142
self.gnupg.options.homedir = self.tempdir
143
self.gnupg.options.extra_args.extend(['--force-mdc',
149
def __exit__ (self, exc_type, exc_value, traceback):
157
if self.tempdir is not None:
158
# Delete contents of tempdir
159
for root, dirs, files in os.walk(self.tempdir,
161
for filename in files:
162
os.remove(os.path.join(root, filename))
164
os.rmdir(os.path.join(root, dirname))
166
os.rmdir(self.tempdir)
169
def password_encode(self, password):
170
# Passphrase can not be empty and can not contain newlines or
171
# NUL bytes. So we prefix it and hex encode it.
172
return b"mandos" + binascii.hexlify(password)
174
def encrypt(self, data, password):
175
self.gnupg.passphrase = self.password_encode(password)
176
with open(os.devnull) as devnull:
178
proc = self.gnupg.run(['--symmetric'],
179
create_fhs=['stdin', 'stdout'],
180
attach_fhs={'stderr': devnull})
181
with contextlib.closing(proc.handles['stdin']) as f:
183
with contextlib.closing(proc.handles['stdout']) as f:
184
ciphertext = f.read()
188
self.gnupg.passphrase = None
191
def decrypt(self, data, password):
192
self.gnupg.passphrase = self.password_encode(password)
193
with open(os.devnull) as devnull:
195
proc = self.gnupg.run(['--decrypt'],
196
create_fhs=['stdin', 'stdout'],
197
attach_fhs={'stderr': devnull})
198
with contextlib.closing(proc.handles['stdin'] ) as f:
200
with contextlib.closing(proc.handles['stdout']) as f:
201
decrypted_plaintext = f.read()
205
self.gnupg.passphrase = None
206
return decrypted_plaintext
210
class AvahiError(Exception):
211
def __init__(self, value, *args, **kwargs):
213
super(AvahiError, self).__init__(value, *args, **kwargs)
214
def __unicode__(self):
215
return unicode(repr(self.value))
217
class AvahiServiceError(AvahiError):
220
class AvahiGroupError(AvahiError):
224
class AvahiService(object):
225
"""An Avahi (Zeroconf) service.
228
interface: integer; avahi.IF_UNSPEC or an interface index.
229
Used to optionally bind to the specified interface.
230
name: string; Example: 'Mandos'
231
type: string; Example: '_mandos._tcp'.
232
See <http://www.dns-sd.org/ServiceTypes.html>
233
port: integer; what port to announce
234
TXT: list of strings; TXT record for the service
235
domain: string; Domain to publish on, default to .local if empty.
236
host: string; Host to publish records for, default is localhost
237
max_renames: integer; maximum number of renames
238
rename_count: integer; counter so we only rename after collisions
239
a sensible number of times
240
group: D-Bus Entry Group
242
bus: dbus.SystemBus()
244
def __init__(self, interface = avahi.IF_UNSPEC, name = None,
245
servicetype = None, port = None, TXT = None,
246
domain = "", host = "", max_renames = 32768,
247
protocol = avahi.PROTO_UNSPEC, bus = None):
248
self.interface = interface
250
self.type = servicetype
252
self.TXT = TXT if TXT is not None else []
255
self.rename_count = 0
256
self.max_renames = max_renames
257
self.protocol = protocol
258
self.group = None # our entry group
261
self.entry_group_state_changed_match = None
263
"""Derived from the Avahi example code"""
264
if self.rename_count >= self.max_renames:
265
logger.critical("No suitable Zeroconf service name found"
266
" after %i retries, exiting.",
268
raise AvahiServiceError("Too many renames")
269
self.name = unicode(self.server
270
.GetAlternativeServiceName(self.name))
271
logger.info("Changing Zeroconf service name to %r ...",
276
except dbus.exceptions.DBusException as error:
277
logger.critical("DBusException: %s", error)
280
self.rename_count += 1
282
"""Derived from the Avahi example code"""
283
if self.entry_group_state_changed_match is not None:
284
self.entry_group_state_changed_match.remove()
285
self.entry_group_state_changed_match = None
286
if self.group is not None:
289
"""Derived from the Avahi example code"""
291
if self.group is None:
292
self.group = dbus.Interface(
293
self.bus.get_object(avahi.DBUS_NAME,
294
self.server.EntryGroupNew()),
295
avahi.DBUS_INTERFACE_ENTRY_GROUP)
296
self.entry_group_state_changed_match = (
297
self.group.connect_to_signal(
298
'StateChanged', self.entry_group_state_changed))
299
logger.debug("Adding Zeroconf service '%s' of type '%s' ...",
300
self.name, self.type)
301
self.group.AddService(
304
dbus.UInt32(0), # flags
305
self.name, self.type,
306
self.domain, self.host,
307
dbus.UInt16(self.port),
308
avahi.string_array_to_txt_array(self.TXT))
310
def entry_group_state_changed(self, state, error):
311
"""Derived from the Avahi example code"""
312
logger.debug("Avahi entry group state change: %i", state)
314
if state == avahi.ENTRY_GROUP_ESTABLISHED:
315
logger.debug("Zeroconf service established.")
316
elif state == avahi.ENTRY_GROUP_COLLISION:
317
logger.info("Zeroconf service name collision.")
319
elif state == avahi.ENTRY_GROUP_FAILURE:
320
logger.critical("Avahi: Error in group state changed %s",
322
raise AvahiGroupError("State changed: %s"
325
"""Derived from the Avahi example code"""
326
if self.group is not None:
329
except (dbus.exceptions.UnknownMethodException,
330
dbus.exceptions.DBusException):
334
def server_state_changed(self, state, error=None):
335
"""Derived from the Avahi example code"""
336
logger.debug("Avahi server state change: %i", state)
337
bad_states = { avahi.SERVER_INVALID:
338
"Zeroconf server invalid",
339
avahi.SERVER_REGISTERING: None,
340
avahi.SERVER_COLLISION:
341
"Zeroconf server name collision",
342
avahi.SERVER_FAILURE:
343
"Zeroconf server failure" }
344
if state in bad_states:
345
if bad_states[state] is not None:
347
logger.error(bad_states[state])
349
logger.error(bad_states[state] + ": %r", error)
351
elif state == avahi.SERVER_RUNNING:
355
logger.debug("Unknown state: %r", state)
357
logger.debug("Unknown state: %r: %r", state, error)
359
"""Derived from the Avahi example code"""
360
if self.server is None:
361
self.server = dbus.Interface(
362
self.bus.get_object(avahi.DBUS_NAME,
363
avahi.DBUS_PATH_SERVER,
364
follow_name_owner_changes=True),
365
avahi.DBUS_INTERFACE_SERVER)
366
self.server.connect_to_signal("StateChanged",
367
self.server_state_changed)
368
self.server_state_changed(self.server.GetState())
370
class AvahiServiceToSyslog(AvahiService):
372
"""Add the new name to the syslog messages"""
373
ret = AvahiService.rename(self)
374
syslogger.setFormatter(logging.Formatter
375
('Mandos (%s) [%%(process)d]:'
376
' %%(levelname)s: %%(message)s'
380
def _timedelta_to_milliseconds(td):
381
"Convert a datetime.timedelta() to milliseconds"
382
return ((td.days * 24 * 60 * 60 * 1000)
383
+ (td.seconds * 1000)
384
+ (td.microseconds // 1000))
65
# Brief description of the operation of this program:
67
# This server announces itself as a Zeroconf service. Connecting
68
# clients use the TLS protocol, with the unusual quirk that this
69
# server program acts as a TLS "client" while the connecting clients
70
# acts as a TLS "server". The clients (acting as a TLS "server") must
71
# supply an OpenPGP certificate, and the fingerprint of this
72
# certificate is used by this server to look up (in a list read from a
73
# file at start time) which binary blob to give the client. No other
74
# authentication or authorization is done by this server.
77
logger = logging.Logger('mandos')
78
syslogger = logging.handlers.SysLogHandler\
79
(facility = logging.handlers.SysLogHandler.LOG_DAEMON)
80
syslogger.setFormatter(logging.Formatter\
81
('%(levelname)s: %(message)s'))
82
logger.addHandler(syslogger)
85
# This variable is used to optionally bind to a specified interface.
86
# It is a global variable to fit in with the other variables from the
88
serviceInterface = avahi.IF_UNSPEC
89
# From the Avahi example code:
90
serviceName = "Mandos"
91
serviceType = "_mandos._tcp" # http://www.dns-sd.org/ServiceTypes.html
92
servicePort = None # Not known at startup
93
serviceTXT = [] # TXT record for the service
94
domain = "" # Domain to publish on, default to .local
95
host = "" # Host to publish records for, default to localhost
96
group = None #our entry group
97
rename_count = 12 # Counter so we only rename after collisions a
98
# sensible number of times
99
# End of Avahi example code
386
102
class Client(object):
387
103
"""A representation of a client host served by this server.
390
_approved: bool(); 'None' if not yet approved/disapproved
391
approval_delay: datetime.timedelta(); Time to wait for approval
392
approval_duration: datetime.timedelta(); Duration of one approval
393
checker: subprocess.Popen(); a running checker process used
394
to see if the client lives.
395
'None' if no process is running.
396
checker_callback_tag: a gobject event source tag, or None
397
checker_command: string; External command which is run to check
398
if client lives. %() expansions are done at
105
name: string; from the config file, used in log messages
106
fingerprint: string (40 or 32 hexadecimal digits); used to
107
uniquely identify the client
108
secret: bytestring; sent verbatim (over TLS) to client
109
fqdn: string (FQDN); available for use by the checker command
110
created: datetime.datetime()
111
last_seen: datetime.datetime() or None if not yet seen
112
timeout: datetime.timedelta(); How long from last_seen until
113
this client is invalid
114
interval: datetime.timedelta(); How often to start a new checker
115
stop_hook: If set, called by stop() as stop_hook(self)
116
checker: subprocess.Popen(); a running checker process used
117
to see if the client lives.
118
Is None if no process is running.
119
checker_initiator_tag: a gobject event source tag, or None
120
stop_initiator_tag: - '' -
121
checker_callback_tag: - '' -
122
checker_command: string; External command which is run to check if
123
client lives. %()s expansions are done at
399
124
runtime with vars(self) as dict, so that for
400
125
instance %(name)s can be used in the command.
401
checker_initiator_tag: a gobject event source tag, or None
402
created: datetime.datetime(); (UTC) object creation
403
client_structure: Object describing what attributes a client has
404
and is used for storing the client at exit
405
current_checker_command: string; current running checker_command
406
disable_initiator_tag: a gobject event source tag, or None
408
fingerprint: string (40 or 32 hexadecimal digits); used to
409
uniquely identify the client
410
host: string; available for use by the checker command
411
interval: datetime.timedelta(); How often to start a new checker
412
last_approval_request: datetime.datetime(); (UTC) or None
413
last_checked_ok: datetime.datetime(); (UTC) or None
415
last_checker_status: integer between 0 and 255 reflecting exit
416
status of last checker. -1 reflects crashed
418
last_enabled: datetime.datetime(); (UTC) or None
419
name: string; from the config file, used in log messages and
421
secret: bytestring; sent verbatim (over TLS) to client
422
timeout: datetime.timedelta(); How long from last_checked_ok
423
until this client is disabled
424
extended_timeout: extra long timeout when password has been sent
425
runtime_expansions: Allowed attributes for runtime expansion.
426
expires: datetime.datetime(); time (UTC) when a client will be
127
_timeout: Real variable for 'timeout'
128
_interval: Real variable for 'interval'
129
_timeout_milliseconds: Used by gobject.timeout_add()
130
_interval_milliseconds: - '' -
430
runtime_expansions = ("approval_delay", "approval_duration",
431
"created", "enabled", "fingerprint",
432
"host", "interval", "last_checked_ok",
433
"last_enabled", "name", "timeout")
435
def timeout_milliseconds(self):
436
"Return the 'timeout' attribute in milliseconds"
437
return _timedelta_to_milliseconds(self.timeout)
439
def extended_timeout_milliseconds(self):
440
"Return the 'extended_timeout' attribute in milliseconds"
441
return _timedelta_to_milliseconds(self.extended_timeout)
443
def interval_milliseconds(self):
444
"Return the 'interval' attribute in milliseconds"
445
return _timedelta_to_milliseconds(self.interval)
447
def approval_delay_milliseconds(self):
448
return _timedelta_to_milliseconds(self.approval_delay)
450
def __init__(self, name = None, config=None):
451
"""Note: the 'checker' key in 'config' sets the
452
'checker_command' attribute and *not* the 'checker'
132
def _set_timeout(self, timeout):
133
"Setter function for 'timeout' attribute"
134
self._timeout = timeout
135
self._timeout_milliseconds = ((self.timeout.days
136
* 24 * 60 * 60 * 1000)
137
+ (self.timeout.seconds * 1000)
138
+ (self.timeout.microseconds
140
timeout = property(lambda self: self._timeout,
143
def _set_interval(self, interval):
144
"Setter function for 'interval' attribute"
145
self._interval = interval
146
self._interval_milliseconds = ((self.interval.days
147
* 24 * 60 * 60 * 1000)
148
+ (self.interval.seconds
150
+ (self.interval.microseconds
152
interval = property(lambda self: self._interval,
155
def __init__(self, name=None, options=None, stop_hook=None,
156
fingerprint=None, secret=None, secfile=None,
157
fqdn=None, timeout=None, interval=-1, checker=None):
158
"""Note: the 'checker' argument sets the 'checker_command'
159
attribute and not the 'checker' attribute.."""
457
logger.debug("Creating client %r", self.name)
458
# Uppercase and remove spaces from fingerprint for later
459
# comparison purposes with return value from the fingerprint()
461
self.fingerprint = (config["fingerprint"].upper()
463
logger.debug(" Fingerprint: %s", self.fingerprint)
464
if "secret" in config:
465
self.secret = config["secret"].decode("base64")
466
elif "secfile" in config:
467
with open(os.path.expanduser(os.path.expandvars
468
(config["secfile"])),
470
self.secret = secfile.read()
472
raise TypeError("No secret or secfile for client %s"
474
self.host = config.get("host", "")
475
self.created = datetime.datetime.utcnow()
476
self.enabled = config.get("enabled", True)
477
self.last_approval_request = None
479
self.last_enabled = datetime.datetime.utcnow()
481
self.last_enabled = None
482
self.last_checked_ok = None
483
self.last_checker_status = None
484
self.timeout = string_to_delta(config["timeout"])
485
self.extended_timeout = string_to_delta(config
486
["extended_timeout"])
487
self.interval = string_to_delta(config["interval"])
161
# Uppercase and remove spaces from fingerprint
162
# for later comparison purposes with return value of
163
# the fingerprint() function
164
self.fingerprint = fingerprint.upper().replace(u" ", u"")
166
self.secret = secret.decode(u"base64")
169
self.secret = sf.read()
172
raise RuntimeError(u"No secret or secfile for client %s"
174
self.fqdn = fqdn # string
175
self.created = datetime.datetime.now()
176
self.last_seen = None
178
self.timeout = options.timeout
180
self.timeout = string_to_delta(timeout)
182
self.interval = options.interval
184
self.interval = string_to_delta(interval)
185
self.stop_hook = stop_hook
488
186
self.checker = None
489
187
self.checker_initiator_tag = None
490
self.disable_initiator_tag = None
492
self.expires = datetime.datetime.utcnow() + self.timeout
188
self.stop_initiator_tag = None
495
189
self.checker_callback_tag = None
496
self.checker_command = config["checker"]
497
self.current_checker_command = None
498
self._approved = None
499
self.approved_by_default = config.get("approved_by_default",
501
self.approvals_pending = 0
502
self.approval_delay = string_to_delta(
503
config["approval_delay"])
504
self.approval_duration = string_to_delta(
505
config["approval_duration"])
506
self.changedstate = (multiprocessing_manager
507
.Condition(multiprocessing_manager
509
self.client_structure = [attr for attr in
510
self.__dict__.iterkeys()
511
if not attr.startswith("_")]
512
self.client_structure.append("client_structure")
514
for name, t in inspect.getmembers(type(self),
518
if not name.startswith("_"):
519
self.client_structure.append(name)
521
# Send notice to process children that client state has changed
522
def send_changedstate(self):
523
with self.changedstate:
524
self.changedstate.notify_all()
190
self.check_command = checker
527
192
"""Start this client's checker and timeout hooks"""
528
if getattr(self, "enabled", False):
531
self.send_changedstate()
532
self.expires = datetime.datetime.utcnow() + self.timeout
534
self.last_enabled = datetime.datetime.utcnow()
537
def disable(self, quiet=True):
538
"""Disable this client."""
539
if not getattr(self, "enabled", False):
542
self.send_changedstate()
544
logger.info("Disabling client %s", self.name)
545
if getattr(self, "disable_initiator_tag", False):
546
gobject.source_remove(self.disable_initiator_tag)
547
self.disable_initiator_tag = None
549
if getattr(self, "checker_initiator_tag", False):
550
gobject.source_remove(self.checker_initiator_tag)
551
self.checker_initiator_tag = None
554
# Do not run this again if called by a gobject.timeout_add
560
def init_checker(self):
561
193
# Schedule a new checker to be started an 'interval' from now,
562
194
# and every interval from then on.
563
self.checker_initiator_tag = (gobject.timeout_add
564
(self.interval_milliseconds(),
566
# Schedule a disable() when 'timeout' has passed
567
self.disable_initiator_tag = (gobject.timeout_add
568
(self.timeout_milliseconds(),
195
self.checker_initiator_tag = gobject.timeout_add\
196
(self._interval_milliseconds,
570
198
# Also start a new checker *right now*.
571
199
self.start_checker()
573
def checker_callback(self, pid, condition, command):
200
# Schedule a stop() when 'timeout' has passed
201
self.stop_initiator_tag = gobject.timeout_add\
202
(self._timeout_milliseconds,
206
The possibility that this client might be restarted is left
207
open, but not currently used."""
208
# If this client doesn't have a secret, it is already stopped.
210
logger.debug(u"Stopping client %s", self.name)
214
if hasattr(self, "stop_initiator_tag") \
215
and self.stop_initiator_tag:
216
gobject.source_remove(self.stop_initiator_tag)
217
self.stop_initiator_tag = None
218
if hasattr(self, "checker_initiator_tag") \
219
and self.checker_initiator_tag:
220
gobject.source_remove(self.checker_initiator_tag)
221
self.checker_initiator_tag = None
225
# Do not run this again if called by a gobject.timeout_add
228
self.stop_hook = None
230
def checker_callback(self, pid, condition):
574
231
"""The checker has completed, so take appropriate actions."""
232
now = datetime.datetime.now()
575
233
self.checker_callback_tag = None
576
234
self.checker = None
577
if os.WIFEXITED(condition):
578
self.last_checker_status = os.WEXITSTATUS(condition)
579
if self.last_checker_status == 0:
580
logger.info("Checker for %(name)s succeeded",
584
logger.info("Checker for %(name)s failed",
587
self.last_checker_status = -1
588
logger.warning("Checker for %(name)s crashed?",
235
if os.WIFEXITED(condition) \
236
and (os.WEXITSTATUS(condition) == 0):
237
logger.debug(u"Checker for %(name)s succeeded",
240
gobject.source_remove(self.stop_initiator_tag)
241
self.stop_initiator_tag = gobject.timeout_add\
242
(self._timeout_milliseconds,
244
elif not os.WIFEXITED(condition):
245
logger.warning(u"Checker for %(name)s crashed?",
591
def checked_ok(self, timeout=None):
592
"""Bump up the timeout for this client.
594
This should only be called when the client has been seen,
598
timeout = self.timeout
599
self.last_checked_ok = datetime.datetime.utcnow()
600
if self.disable_initiator_tag is not None:
601
gobject.source_remove(self.disable_initiator_tag)
602
if getattr(self, "enabled", False):
603
self.disable_initiator_tag = (gobject.timeout_add
604
(_timedelta_to_milliseconds
605
(timeout), self.disable))
606
self.expires = datetime.datetime.utcnow() + timeout
608
def need_approval(self):
609
self.last_approval_request = datetime.datetime.utcnow()
248
logger.debug(u"Checker for %(name)s failed",
611
250
def start_checker(self):
612
251
"""Start a new checker subprocess if one is not running.
614
252
If a checker already exists, leave it running and do
616
254
# The reason for not killing a running checker is that if we
619
257
# client would inevitably timeout, since no checker would get
620
258
# a chance to run to completion. If we instead leave running
621
259
# checkers alone, the checker would have to take more time
622
# than 'timeout' for the client to be disabled, which is as it
625
# If a checker exists, make sure it is not a zombie
627
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
628
except (AttributeError, OSError) as error:
629
if (isinstance(error, OSError)
630
and error.errno != errno.ECHILD):
634
logger.warning("Checker was a zombie")
635
gobject.source_remove(self.checker_callback_tag)
636
self.checker_callback(pid, status,
637
self.current_checker_command)
638
# Start a new checker if needed
260
# than 'timeout' for the client to be declared invalid, which
261
# is as it should be.
639
262
if self.checker is None:
641
# In case checker_command has exactly one % operator
642
command = self.checker_command % self.host
264
command = self.check_command % self.fqdn
643
265
except TypeError:
644
# Escape attributes for the shell
645
escaped_attrs = dict(
647
re.escape(unicode(str(getattr(self, attr, "")),
651
self.runtime_expansions)
266
escaped_attrs = dict((key, re.escape(str(val)))
268
vars(self).iteritems())
654
command = self.checker_command % escaped_attrs
655
except TypeError as error:
656
logger.error('Could not format string "%s":'
657
' %s', self.checker_command, error)
270
command = self.check_command % escaped_attrs
271
except TypeError, error:
272
logger.critical(u'Could not format string "%s":'
273
u' %s', self.check_command, error)
658
274
return True # Try again later
659
self.current_checker_command = command
661
logger.info("Starting checker %r for %s",
663
# We don't need to redirect stdout and stderr, since
664
# in normal mode, that is already done by daemon(),
665
# and in debug mode we don't want to. (Stdin is
666
# always replaced by /dev/null.)
667
self.checker = subprocess.Popen(command,
670
self.checker_callback_tag = (gobject.child_watch_add
672
self.checker_callback,
674
# The checker may have completed before the gobject
675
# watch was added. Check for this.
676
pid, status = os.waitpid(self.checker.pid, os.WNOHANG)
678
gobject.source_remove(self.checker_callback_tag)
679
self.checker_callback(pid, status, command)
680
except OSError as error:
681
logger.error("Failed to start subprocess: %s",
276
logger.debug(u"Starting checker %r for %s",
278
self.checker = subprocess.\
280
close_fds=True, shell=True,
282
self.checker_callback_tag = gobject.child_watch_add\
284
self.checker_callback)
285
except subprocess.OSError, error:
286
logger.error(u"Failed to start subprocess: %s",
683
288
# Re-run this periodically if run by gobject.timeout_add
686
290
def stop_checker(self):
687
291
"""Force the checker process, if any, to stop."""
688
292
if self.checker_callback_tag:
689
293
gobject.source_remove(self.checker_callback_tag)
690
294
self.checker_callback_tag = None
691
if getattr(self, "checker", None) is None:
295
if not hasattr(self, "checker") or self.checker is None:
693
297
logger.debug("Stopping checker for %(name)s", vars(self))
695
299
os.kill(self.checker.pid, signal.SIGTERM)
697
301
#if self.checker.poll() is None:
698
302
# os.kill(self.checker.pid, signal.SIGKILL)
699
except OSError as error:
700
if error.errno != errno.ESRCH: # No such process
303
except OSError, error:
304
if error.errno != errno.ESRCH:
702
306
self.checker = None
705
def dbus_service_property(dbus_interface, signature="v",
706
access="readwrite", byte_arrays=False):
707
"""Decorators for marking methods of a DBusObjectWithProperties to
708
become properties on the D-Bus.
710
The decorated method will be called with no arguments by "Get"
711
and with one argument by "Set".
713
The parameters, where they are supported, are the same as
714
dbus.service.method, except there is only "signature", since the
715
type from Get() and the type sent to Set() is the same.
717
# Encoding deeply encoded byte arrays is not supported yet by the
718
# "Set" method, so we fail early here:
719
if byte_arrays and signature != "ay":
720
raise ValueError("Byte arrays not supported for non-'ay'"
721
" signature %r" % signature)
723
func._dbus_is_property = True
724
func._dbus_interface = dbus_interface
725
func._dbus_signature = signature
726
func._dbus_access = access
727
func._dbus_name = func.__name__
728
if func._dbus_name.endswith("_dbus_property"):
729
func._dbus_name = func._dbus_name[:-14]
730
func._dbus_get_args_options = {'byte_arrays': byte_arrays }
735
class DBusPropertyException(dbus.exceptions.DBusException):
736
"""A base class for D-Bus property-related exceptions
738
def __unicode__(self):
739
return unicode(str(self))
742
class DBusPropertyAccessException(DBusPropertyException):
743
"""A property's access permissions disallows an operation.
748
class DBusPropertyNotFound(DBusPropertyException):
749
"""An attempt was made to access a non-existing property.
754
class DBusObjectWithProperties(dbus.service.Object):
755
"""A D-Bus object with properties.
757
Classes inheriting from this can use the dbus_service_property
758
decorator to expose methods as D-Bus properties. It exposes the
759
standard Get(), Set(), and GetAll() methods on the D-Bus.
763
def _is_dbus_property(obj):
764
return getattr(obj, "_dbus_is_property", False)
766
def _get_all_dbus_properties(self):
767
"""Returns a generator of (name, attribute) pairs
769
return ((prop.__get__(self)._dbus_name, prop.__get__(self))
770
for cls in self.__class__.__mro__
772
inspect.getmembers(cls, self._is_dbus_property))
774
def _get_dbus_property(self, interface_name, property_name):
775
"""Returns a bound method if one exists which is a D-Bus
776
property with the specified name and interface.
778
for cls in self.__class__.__mro__:
779
for name, value in (inspect.getmembers
780
(cls, self._is_dbus_property)):
781
if (value._dbus_name == property_name
782
and value._dbus_interface == interface_name):
783
return value.__get__(self)
786
raise DBusPropertyNotFound(self.dbus_object_path + ":"
787
+ interface_name + "."
790
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ss",
792
def Get(self, interface_name, property_name):
793
"""Standard D-Bus property Get() method, see D-Bus standard.
795
prop = self._get_dbus_property(interface_name, property_name)
796
if prop._dbus_access == "write":
797
raise DBusPropertyAccessException(property_name)
799
if not hasattr(value, "variant_level"):
801
return type(value)(value, variant_level=value.variant_level+1)
803
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="ssv")
804
def Set(self, interface_name, property_name, value):
805
"""Standard D-Bus property Set() method, see D-Bus standard.
807
prop = self._get_dbus_property(interface_name, property_name)
808
if prop._dbus_access == "read":
809
raise DBusPropertyAccessException(property_name)
810
if prop._dbus_get_args_options["byte_arrays"]:
811
# The byte_arrays option is not supported yet on
812
# signatures other than "ay".
813
if prop._dbus_signature != "ay":
815
value = dbus.ByteArray(''.join(unichr(byte)
819
@dbus.service.method(dbus.PROPERTIES_IFACE, in_signature="s",
820
out_signature="a{sv}")
821
def GetAll(self, interface_name):
822
"""Standard D-Bus property GetAll() method, see D-Bus
825
Note: Will not include properties with access="write".
828
for name, prop in self._get_all_dbus_properties():
830
and interface_name != prop._dbus_interface):
831
# Interface non-empty but did not match
833
# Ignore write-only properties
834
if prop._dbus_access == "write":
837
if not hasattr(value, "variant_level"):
838
properties[name] = value
840
properties[name] = type(value)(value, variant_level=
841
value.variant_level+1)
842
return dbus.Dictionary(properties, signature="sv")
844
@dbus.service.method(dbus.INTROSPECTABLE_IFACE,
846
path_keyword='object_path',
847
connection_keyword='connection')
848
def Introspect(self, object_path, connection):
849
"""Standard D-Bus method, overloaded to insert property tags.
851
xmlstring = dbus.service.Object.Introspect(self, object_path,
854
document = xml.dom.minidom.parseString(xmlstring)
855
def make_tag(document, name, prop):
856
e = document.createElement("property")
857
e.setAttribute("name", name)
858
e.setAttribute("type", prop._dbus_signature)
859
e.setAttribute("access", prop._dbus_access)
861
for if_tag in document.getElementsByTagName("interface"):
862
for tag in (make_tag(document, name, prop)
864
in self._get_all_dbus_properties()
865
if prop._dbus_interface
866
== if_tag.getAttribute("name")):
867
if_tag.appendChild(tag)
868
# Add the names to the return values for the
869
# "org.freedesktop.DBus.Properties" methods
870
if (if_tag.getAttribute("name")
871
== "org.freedesktop.DBus.Properties"):
872
for cn in if_tag.getElementsByTagName("method"):
873
if cn.getAttribute("name") == "Get":
874
for arg in cn.getElementsByTagName("arg"):
875
if (arg.getAttribute("direction")
877
arg.setAttribute("name", "value")
878
elif cn.getAttribute("name") == "GetAll":
879
for arg in cn.getElementsByTagName("arg"):
880
if (arg.getAttribute("direction")
882
arg.setAttribute("name", "props")
883
xmlstring = document.toxml("utf-8")
885
except (AttributeError, xml.dom.DOMException,
886
xml.parsers.expat.ExpatError) as error:
887
logger.error("Failed to override Introspection method",
892
def datetime_to_dbus (dt, variant_level=0):
893
"""Convert a UTC datetime.datetime() to a D-Bus type."""
895
return dbus.String("", variant_level = variant_level)
896
return dbus.String(dt.isoformat(),
897
variant_level=variant_level)
900
class AlternateDBusNamesMetaclass(DBusObjectWithProperties
902
"""Applied to an empty subclass of a D-Bus object, this metaclass
903
will add additional D-Bus attributes matching a certain pattern.
905
def __new__(mcs, name, bases, attr):
906
# Go through all the base classes which could have D-Bus
907
# methods, signals, or properties in them
908
for base in (b for b in bases
909
if issubclass(b, dbus.service.Object)):
910
# Go though all attributes of the base class
911
for attrname, attribute in inspect.getmembers(base):
912
# Ignore non-D-Bus attributes, and D-Bus attributes
913
# with the wrong interface name
914
if (not hasattr(attribute, "_dbus_interface")
915
or not attribute._dbus_interface
916
.startswith("se.recompile.Mandos")):
918
# Create an alternate D-Bus interface name based on
920
alt_interface = (attribute._dbus_interface
921
.replace("se.recompile.Mandos",
922
"se.bsnet.fukt.Mandos"))
923
# Is this a D-Bus signal?
924
if getattr(attribute, "_dbus_is_signal", False):
925
# Extract the original non-method function by
927
nonmethod_func = (dict(
928
zip(attribute.func_code.co_freevars,
929
attribute.__closure__))["func"]
931
# Create a new, but exactly alike, function
932
# object, and decorate it to be a new D-Bus signal
933
# with the alternate D-Bus interface name
934
new_function = (dbus.service.signal
936
attribute._dbus_signature)
938
nonmethod_func.func_code,
939
nonmethod_func.func_globals,
940
nonmethod_func.func_name,
941
nonmethod_func.func_defaults,
942
nonmethod_func.func_closure)))
943
# Define a creator of a function to call both the
944
# old and new functions, so both the old and new
945
# signals gets sent when the function is called
946
def fixscope(func1, func2):
947
"""This function is a scope container to pass
948
func1 and func2 to the "call_both" function
949
outside of its arguments"""
950
def call_both(*args, **kwargs):
951
"""This function will emit two D-Bus
952
signals by calling func1 and func2"""
953
func1(*args, **kwargs)
954
func2(*args, **kwargs)
956
# Create the "call_both" function and add it to
958
attr[attrname] = fixscope(attribute,
960
# Is this a D-Bus method?
961
elif getattr(attribute, "_dbus_is_method", False):
962
# Create a new, but exactly alike, function
963
# object. Decorate it to be a new D-Bus method
964
# with the alternate D-Bus interface name. Add it
966
attr[attrname] = (dbus.service.method
968
attribute._dbus_in_signature,
969
attribute._dbus_out_signature)
971
(attribute.func_code,
972
attribute.func_globals,
974
attribute.func_defaults,
975
attribute.func_closure)))
976
# Is this a D-Bus property?
977
elif getattr(attribute, "_dbus_is_property", False):
978
# Create a new, but exactly alike, function
979
# object, and decorate it to be a new D-Bus
980
# property with the alternate D-Bus interface
981
# name. Add it to the class.
982
attr[attrname] = (dbus_service_property
984
attribute._dbus_signature,
985
attribute._dbus_access,
987
._dbus_get_args_options
990
(attribute.func_code,
991
attribute.func_globals,
993
attribute.func_defaults,
994
attribute.func_closure)))
995
return type.__new__(mcs, name, bases, attr)
998
class ClientDBus(Client, DBusObjectWithProperties):
999
"""A Client class using D-Bus
1002
dbus_object_path: dbus.ObjectPath
1003
bus: dbus.SystemBus()
1006
runtime_expansions = (Client.runtime_expansions
1007
+ ("dbus_object_path",))
1009
# dbus.service.Object doesn't use super(), so we can't either.
1011
def __init__(self, bus = None, *args, **kwargs):
1013
Client.__init__(self, *args, **kwargs)
1015
self._approvals_pending = 0
1016
# Only now, when this client is initialized, can it show up on
1018
client_object_name = unicode(self.name).translate(
1019
{ord("."): ord("_"),
1020
ord("-"): ord("_")})
1021
self.dbus_object_path = (dbus.ObjectPath
1022
("/clients/" + client_object_name))
1023
DBusObjectWithProperties.__init__(self, self.bus,
1024
self.dbus_object_path)
1026
def notifychangeproperty(transform_func,
1027
dbus_name, type_func=lambda x: x,
1029
""" Modify a variable so that it's a property which announces
1030
its changes to DBus.
1032
transform_fun: Function that takes a value and a variant_level
1033
and transforms it to a D-Bus type.
1034
dbus_name: D-Bus name of the variable
1035
type_func: Function that transform the value before sending it
1036
to the D-Bus. Default: no transform
1037
variant_level: D-Bus variant level. Default: 1
1039
attrname = "_{0}".format(dbus_name)
1040
def setter(self, value):
1041
if hasattr(self, "dbus_object_path"):
1042
if (not hasattr(self, attrname) or
1043
type_func(getattr(self, attrname, None))
1044
!= type_func(value)):
1045
dbus_value = transform_func(type_func(value),
1048
self.PropertyChanged(dbus.String(dbus_name),
1050
setattr(self, attrname, value)
1052
return property(lambda self: getattr(self, attrname), setter)
1055
expires = notifychangeproperty(datetime_to_dbus, "Expires")
1056
approvals_pending = notifychangeproperty(dbus.Boolean,
1059
enabled = notifychangeproperty(dbus.Boolean, "Enabled")
1060
last_enabled = notifychangeproperty(datetime_to_dbus,
1062
checker = notifychangeproperty(dbus.Boolean, "CheckerRunning",
1063
type_func = lambda checker:
1064
checker is not None)
1065
last_checked_ok = notifychangeproperty(datetime_to_dbus,
1067
last_approval_request = notifychangeproperty(
1068
datetime_to_dbus, "LastApprovalRequest")
1069
approved_by_default = notifychangeproperty(dbus.Boolean,
1070
"ApprovedByDefault")
1071
approval_delay = notifychangeproperty(dbus.UInt16,
1074
_timedelta_to_milliseconds)
1075
approval_duration = notifychangeproperty(
1076
dbus.UInt16, "ApprovalDuration",
1077
type_func = _timedelta_to_milliseconds)
1078
host = notifychangeproperty(dbus.String, "Host")
1079
timeout = notifychangeproperty(dbus.UInt16, "Timeout",
1081
_timedelta_to_milliseconds)
1082
extended_timeout = notifychangeproperty(
1083
dbus.UInt16, "ExtendedTimeout",
1084
type_func = _timedelta_to_milliseconds)
1085
interval = notifychangeproperty(dbus.UInt16,
1088
_timedelta_to_milliseconds)
1089
checker_command = notifychangeproperty(dbus.String, "Checker")
1091
del notifychangeproperty
1093
def __del__(self, *args, **kwargs):
1095
self.remove_from_connection()
1098
if hasattr(DBusObjectWithProperties, "__del__"):
1099
DBusObjectWithProperties.__del__(self, *args, **kwargs)
1100
Client.__del__(self, *args, **kwargs)
1102
def checker_callback(self, pid, condition, command,
1104
self.checker_callback_tag = None
1106
if os.WIFEXITED(condition):
1107
exitstatus = os.WEXITSTATUS(condition)
1109
self.CheckerCompleted(dbus.Int16(exitstatus),
1110
dbus.Int64(condition),
1111
dbus.String(command))
1114
self.CheckerCompleted(dbus.Int16(-1),
1115
dbus.Int64(condition),
1116
dbus.String(command))
1118
return Client.checker_callback(self, pid, condition, command,
1121
def start_checker(self, *args, **kwargs):
1122
old_checker = self.checker
1123
if self.checker is not None:
1124
old_checker_pid = self.checker.pid
1126
old_checker_pid = None
1127
r = Client.start_checker(self, *args, **kwargs)
1128
# Only if new checker process was started
1129
if (self.checker is not None
1130
and old_checker_pid != self.checker.pid):
1132
self.CheckerStarted(self.current_checker_command)
1135
def _reset_approved(self):
1136
self._approved = None
1139
def approve(self, value=True):
1140
self.send_changedstate()
1141
self._approved = value
1142
gobject.timeout_add(_timedelta_to_milliseconds
1143
(self.approval_duration),
1144
self._reset_approved)
1147
## D-Bus methods, signals & properties
1148
_interface = "se.recompile.Mandos.Client"
1152
# CheckerCompleted - signal
1153
@dbus.service.signal(_interface, signature="nxs")
1154
def CheckerCompleted(self, exitcode, waitstatus, command):
1158
# CheckerStarted - signal
1159
@dbus.service.signal(_interface, signature="s")
1160
def CheckerStarted(self, command):
1164
# PropertyChanged - signal
1165
@dbus.service.signal(_interface, signature="sv")
1166
def PropertyChanged(self, property, value):
1170
# GotSecret - signal
1171
@dbus.service.signal(_interface)
1172
def GotSecret(self):
1174
Is sent after a successful transfer of secret from the Mandos
1175
server to mandos-client
1180
@dbus.service.signal(_interface, signature="s")
1181
def Rejected(self, reason):
1185
# NeedApproval - signal
1186
@dbus.service.signal(_interface, signature="tb")
1187
def NeedApproval(self, timeout, default):
1189
return self.need_approval()
1191
# NeRwequest - signal
1192
@dbus.service.signal(_interface, signature="s")
1193
def NewRequest(self, ip):
1195
Is sent after a client request a password.
1202
@dbus.service.method(_interface, in_signature="b")
1203
def Approve(self, value):
1206
# CheckedOK - method
1207
@dbus.service.method(_interface)
1208
def CheckedOK(self):
1212
@dbus.service.method(_interface)
1217
# StartChecker - method
1218
@dbus.service.method(_interface)
1219
def StartChecker(self):
1221
self.start_checker()
1224
@dbus.service.method(_interface)
1229
# StopChecker - method
1230
@dbus.service.method(_interface)
1231
def StopChecker(self):
1236
# ApprovalPending - property
1237
@dbus_service_property(_interface, signature="b", access="read")
1238
def ApprovalPending_dbus_property(self):
1239
return dbus.Boolean(bool(self.approvals_pending))
1241
# ApprovedByDefault - property
1242
@dbus_service_property(_interface, signature="b",
1244
def ApprovedByDefault_dbus_property(self, value=None):
1245
if value is None: # get
1246
return dbus.Boolean(self.approved_by_default)
1247
self.approved_by_default = bool(value)
1249
# ApprovalDelay - property
1250
@dbus_service_property(_interface, signature="t",
1252
def ApprovalDelay_dbus_property(self, value=None):
1253
if value is None: # get
1254
return dbus.UInt64(self.approval_delay_milliseconds())
1255
self.approval_delay = datetime.timedelta(0, 0, 0, value)
1257
# ApprovalDuration - property
1258
@dbus_service_property(_interface, signature="t",
1260
def ApprovalDuration_dbus_property(self, value=None):
1261
if value is None: # get
1262
return dbus.UInt64(_timedelta_to_milliseconds(
1263
self.approval_duration))
1264
self.approval_duration = datetime.timedelta(0, 0, 0, value)
1267
@dbus_service_property(_interface, signature="s", access="read")
1268
def Name_dbus_property(self):
1269
return dbus.String(self.name)
1271
# Fingerprint - property
1272
@dbus_service_property(_interface, signature="s", access="read")
1273
def Fingerprint_dbus_property(self):
1274
return dbus.String(self.fingerprint)
1277
@dbus_service_property(_interface, signature="s",
1279
def Host_dbus_property(self, value=None):
1280
if value is None: # get
1281
return dbus.String(self.host)
1284
# Created - property
1285
@dbus_service_property(_interface, signature="s", access="read")
1286
def Created_dbus_property(self):
1287
return datetime_to_dbus(self.created)
1289
# LastEnabled - property
1290
@dbus_service_property(_interface, signature="s", access="read")
1291
def LastEnabled_dbus_property(self):
1292
return datetime_to_dbus(self.last_enabled)
1294
# Enabled - property
1295
@dbus_service_property(_interface, signature="b",
1297
def Enabled_dbus_property(self, value=None):
1298
if value is None: # get
1299
return dbus.Boolean(self.enabled)
1305
# LastCheckedOK - property
1306
@dbus_service_property(_interface, signature="s",
1308
def LastCheckedOK_dbus_property(self, value=None):
1309
if value is not None:
1312
return datetime_to_dbus(self.last_checked_ok)
1314
# Expires - property
1315
@dbus_service_property(_interface, signature="s", access="read")
1316
def Expires_dbus_property(self):
1317
return datetime_to_dbus(self.expires)
1319
# LastApprovalRequest - property
1320
@dbus_service_property(_interface, signature="s", access="read")
1321
def LastApprovalRequest_dbus_property(self):
1322
return datetime_to_dbus(self.last_approval_request)
1324
# Timeout - property
1325
@dbus_service_property(_interface, signature="t",
1327
def Timeout_dbus_property(self, value=None):
1328
if value is None: # get
1329
return dbus.UInt64(self.timeout_milliseconds())
1330
self.timeout = datetime.timedelta(0, 0, 0, value)
1331
if getattr(self, "disable_initiator_tag", None) is None:
1333
# Reschedule timeout
1334
gobject.source_remove(self.disable_initiator_tag)
1335
self.disable_initiator_tag = None
1337
time_to_die = _timedelta_to_milliseconds((self
1342
if time_to_die <= 0:
1343
# The timeout has passed
1346
self.expires = (datetime.datetime.utcnow()
1347
+ datetime.timedelta(milliseconds =
1349
self.disable_initiator_tag = (gobject.timeout_add
1350
(time_to_die, self.disable))
1352
# ExtendedTimeout - property
1353
@dbus_service_property(_interface, signature="t",
1355
def ExtendedTimeout_dbus_property(self, value=None):
1356
if value is None: # get
1357
return dbus.UInt64(self.extended_timeout_milliseconds())
1358
self.extended_timeout = datetime.timedelta(0, 0, 0, value)
1360
# Interval - property
1361
@dbus_service_property(_interface, signature="t",
1363
def Interval_dbus_property(self, value=None):
1364
if value is None: # get
1365
return dbus.UInt64(self.interval_milliseconds())
1366
self.interval = datetime.timedelta(0, 0, 0, value)
1367
if getattr(self, "checker_initiator_tag", None) is None:
1370
# Reschedule checker run
1371
gobject.source_remove(self.checker_initiator_tag)
1372
self.checker_initiator_tag = (gobject.timeout_add
1373
(value, self.start_checker))
1374
self.start_checker() # Start one now, too
1376
# Checker - property
1377
@dbus_service_property(_interface, signature="s",
1379
def Checker_dbus_property(self, value=None):
1380
if value is None: # get
1381
return dbus.String(self.checker_command)
1382
self.checker_command = value
1384
# CheckerRunning - property
1385
@dbus_service_property(_interface, signature="b",
1387
def CheckerRunning_dbus_property(self, value=None):
1388
if value is None: # get
1389
return dbus.Boolean(self.checker is not None)
1391
self.start_checker()
1395
# ObjectPath - property
1396
@dbus_service_property(_interface, signature="o", access="read")
1397
def ObjectPath_dbus_property(self):
1398
return self.dbus_object_path # is already a dbus.ObjectPath
1401
@dbus_service_property(_interface, signature="ay",
1402
access="write", byte_arrays=True)
1403
def Secret_dbus_property(self, value):
1404
self.secret = str(value)
1409
class ProxyClient(object):
1410
def __init__(self, child_pipe, fpr, address):
1411
self._pipe = child_pipe
1412
self._pipe.send(('init', fpr, address))
1413
if not self._pipe.recv():
1416
def __getattribute__(self, name):
1417
if(name == '_pipe'):
1418
return super(ProxyClient, self).__getattribute__(name)
1419
self._pipe.send(('getattr', name))
1420
data = self._pipe.recv()
1421
if data[0] == 'data':
1423
if data[0] == 'function':
1424
def func(*args, **kwargs):
1425
self._pipe.send(('funcall', name, args, kwargs))
1426
return self._pipe.recv()[1]
1429
def __setattr__(self, name, value):
1430
if(name == '_pipe'):
1431
return super(ProxyClient, self).__setattr__(name, value)
1432
self._pipe.send(('setattr', name, value))
1435
class ClientDBusTransitional(ClientDBus):
1436
__metaclass__ = AlternateDBusNamesMetaclass
1439
class ClientHandler(socketserver.BaseRequestHandler, object):
1440
"""A class to handle client connections.
1442
Instantiated once for each connection to handle it.
307
def still_valid(self, now=None):
308
"""Has the timeout not yet passed for this client?"""
310
now = datetime.datetime.now()
311
if self.last_seen is None:
312
return now < (self.created + self.timeout)
314
return now < (self.last_seen + self.timeout)
317
def peer_certificate(session):
318
"Return the peer's OpenPGP certificate as a bytestring"
319
# If not an OpenPGP certificate...
320
if gnutls.library.functions.gnutls_certificate_type_get\
321
(session._c_object) \
322
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP:
323
# ...do the normal thing
324
return session.peer_certificate
325
list_size = ctypes.c_uint()
326
cert_list = gnutls.library.functions.gnutls_certificate_get_peers\
327
(session._c_object, ctypes.byref(list_size))
328
if list_size.value == 0:
331
return ctypes.string_at(cert.data, cert.size)
334
def fingerprint(openpgp):
335
"Convert an OpenPGP bytestring to a hexdigit fingerprint string"
336
# New empty GnuTLS certificate
337
crt = gnutls.library.types.gnutls_openpgp_crt_t()
338
gnutls.library.functions.gnutls_openpgp_crt_init\
340
# New GnuTLS "datum" with the OpenPGP public key
341
datum = gnutls.library.types.gnutls_datum_t\
342
(ctypes.cast(ctypes.c_char_p(openpgp),
343
ctypes.POINTER(ctypes.c_ubyte)),
344
ctypes.c_uint(len(openpgp)))
345
# Import the OpenPGP public key into the certificate
346
ret = gnutls.library.functions.gnutls_openpgp_crt_import\
349
gnutls.library.constants.GNUTLS_OPENPGP_FMT_RAW)
350
# New buffer for the fingerprint
351
buffer = ctypes.create_string_buffer(20)
352
buffer_length = ctypes.c_size_t()
353
# Get the fingerprint from the certificate into the buffer
354
gnutls.library.functions.gnutls_openpgp_crt_get_fingerprint\
355
(crt, ctypes.byref(buffer), ctypes.byref(buffer_length))
356
# Deinit the certificate
357
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
358
# Convert the buffer to a Python bytestring
359
fpr = ctypes.string_at(buffer, buffer_length.value)
360
# Convert the bytestring to hexadecimal notation
361
hex_fpr = u''.join(u"%02X" % ord(char) for char in fpr)
365
class tcp_handler(SocketServer.BaseRequestHandler, object):
366
"""A TCP request handler class.
367
Instantiated by IPv6_TCPServer for each request to handle it.
1443
368
Note: This will run in its own forked process."""
1445
370
def handle(self):
1446
with contextlib.closing(self.server.child_pipe) as child_pipe:
1447
logger.info("TCP connection from: %s",
1448
unicode(self.client_address))
1449
logger.debug("Pipe FD: %d",
1450
self.server.child_pipe.fileno())
1452
session = (gnutls.connection
1453
.ClientSession(self.request,
1455
.X509Credentials()))
1457
# Note: gnutls.connection.X509Credentials is really a
1458
# generic GnuTLS certificate credentials object so long as
1459
# no X.509 keys are added to it. Therefore, we can use it
1460
# here despite using OpenPGP certificates.
1462
#priority = ':'.join(("NONE", "+VERS-TLS1.1",
1463
# "+AES-256-CBC", "+SHA1",
1464
# "+COMP-NULL", "+CTYPE-OPENPGP",
1466
# Use a fallback default, since this MUST be set.
1467
priority = self.server.gnutls_priority
1468
if priority is None:
1470
(gnutls.library.functions
1471
.gnutls_priority_set_direct(session._c_object,
1474
# Start communication using the Mandos protocol
1475
# Get protocol number
1476
line = self.request.makefile().readline()
1477
logger.debug("Protocol version: %r", line)
1479
if int(line.strip().split()[0]) > 1:
1481
except (ValueError, IndexError, RuntimeError) as error:
1482
logger.error("Unknown protocol version: %s", error)
1485
# Start GnuTLS connection
1488
except gnutls.errors.GNUTLSError as error:
1489
logger.warning("Handshake failed: %s", error)
1490
# Do not run session.bye() here: the session is not
1491
# established. Just abandon the request.
1493
logger.debug("Handshake succeeded")
1495
approval_required = False
1498
fpr = self.fingerprint(self.peer_certificate
1501
gnutls.errors.GNUTLSError) as error:
1502
logger.warning("Bad certificate: %s", error)
1504
logger.debug("Fingerprint: %s", fpr)
1505
if self.server.use_dbus:
1507
client.NewRequest(str(self.client_address))
1510
client = ProxyClient(child_pipe, fpr,
1511
self.client_address)
1515
if client.approval_delay:
1516
delay = client.approval_delay
1517
client.approvals_pending += 1
1518
approval_required = True
1521
if not client.enabled:
1522
logger.info("Client %s is disabled",
1524
if self.server.use_dbus:
1526
client.Rejected("Disabled")
1529
if client._approved or not client.approval_delay:
1530
#We are approved or approval is disabled
1532
elif client._approved is None:
1533
logger.info("Client %s needs approval",
1535
if self.server.use_dbus:
1537
client.NeedApproval(
1538
client.approval_delay_milliseconds(),
1539
client.approved_by_default)
1541
logger.warning("Client %s was not approved",
1543
if self.server.use_dbus:
1545
client.Rejected("Denied")
1548
#wait until timeout or approved
1549
time = datetime.datetime.now()
1550
client.changedstate.acquire()
1551
(client.changedstate.wait
1552
(float(client._timedelta_to_milliseconds(delay)
1554
client.changedstate.release()
1555
time2 = datetime.datetime.now()
1556
if (time2 - time) >= delay:
1557
if not client.approved_by_default:
1558
logger.warning("Client %s timed out while"
1559
" waiting for approval",
1561
if self.server.use_dbus:
1563
client.Rejected("Approval timed out")
1568
delay -= time2 - time
1571
while sent_size < len(client.secret):
1573
sent = session.send(client.secret[sent_size:])
1574
except gnutls.errors.GNUTLSError as error:
1575
logger.warning("gnutls send failed")
1577
logger.debug("Sent: %d, remaining: %d",
1578
sent, len(client.secret)
1579
- (sent_size + sent))
1582
logger.info("Sending secret to %s", client.name)
1583
# bump the timeout using extended_timeout
1584
client.checked_ok(client.extended_timeout)
1585
if self.server.use_dbus:
1590
if approval_required:
1591
client.approvals_pending -= 1
1594
except gnutls.errors.GNUTLSError as error:
1595
logger.warning("GnuTLS bye failed")
1598
def peer_certificate(session):
1599
"Return the peer's OpenPGP certificate as a bytestring"
1600
# If not an OpenPGP certificate...
1601
if (gnutls.library.functions
1602
.gnutls_certificate_type_get(session._c_object)
1603
!= gnutls.library.constants.GNUTLS_CRT_OPENPGP):
1604
# ...do the normal thing
1605
return session.peer_certificate
1606
list_size = ctypes.c_uint(1)
1607
cert_list = (gnutls.library.functions
1608
.gnutls_certificate_get_peers
1609
(session._c_object, ctypes.byref(list_size)))
1610
if not bool(cert_list) and list_size.value != 0:
1611
raise gnutls.errors.GNUTLSError("error getting peer"
1613
if list_size.value == 0:
1616
return ctypes.string_at(cert.data, cert.size)
1619
def fingerprint(openpgp):
1620
"Convert an OpenPGP bytestring to a hexdigit fingerprint"
1621
# New GnuTLS "datum" with the OpenPGP public key
1622
datum = (gnutls.library.types
1623
.gnutls_datum_t(ctypes.cast(ctypes.c_char_p(openpgp),
1626
ctypes.c_uint(len(openpgp))))
1627
# New empty GnuTLS certificate
1628
crt = gnutls.library.types.gnutls_openpgp_crt_t()
1629
(gnutls.library.functions
1630
.gnutls_openpgp_crt_init(ctypes.byref(crt)))
1631
# Import the OpenPGP public key into the certificate
1632
(gnutls.library.functions
1633
.gnutls_openpgp_crt_import(crt, ctypes.byref(datum),
1634
gnutls.library.constants
1635
.GNUTLS_OPENPGP_FMT_RAW))
1636
# Verify the self signature in the key
1637
crtverify = ctypes.c_uint()
1638
(gnutls.library.functions
1639
.gnutls_openpgp_crt_verify_self(crt, 0,
1640
ctypes.byref(crtverify)))
1641
if crtverify.value != 0:
1642
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1643
raise (gnutls.errors.CertificateSecurityError
1645
# New buffer for the fingerprint
1646
buf = ctypes.create_string_buffer(20)
1647
buf_len = ctypes.c_size_t()
1648
# Get the fingerprint from the certificate into the buffer
1649
(gnutls.library.functions
1650
.gnutls_openpgp_crt_get_fingerprint(crt, ctypes.byref(buf),
1651
ctypes.byref(buf_len)))
1652
# Deinit the certificate
1653
gnutls.library.functions.gnutls_openpgp_crt_deinit(crt)
1654
# Convert the buffer to a Python bytestring
1655
fpr = ctypes.string_at(buf, buf_len.value)
1656
# Convert the bytestring to hexadecimal notation
1657
hex_fpr = binascii.hexlify(fpr).upper()
1661
class MultiprocessingMixIn(object):
1662
"""Like socketserver.ThreadingMixIn, but with multiprocessing"""
1663
def sub_process_main(self, request, address):
1665
self.finish_request(request, address)
1667
self.handle_error(request, address)
1668
self.close_request(request)
1670
def process_request(self, request, address):
1671
"""Start a new process to process the request."""
1672
proc = multiprocessing.Process(target = self.sub_process_main,
1679
class MultiprocessingMixInWithPipe(MultiprocessingMixIn, object):
1680
""" adds a pipe to the MixIn """
1681
def process_request(self, request, client_address):
1682
"""Overrides and wraps the original process_request().
1684
This function creates a new pipe in self.pipe
1686
parent_pipe, self.child_pipe = multiprocessing.Pipe()
1688
proc = MultiprocessingMixIn.process_request(self, request,
1690
self.child_pipe.close()
1691
self.add_pipe(parent_pipe, proc)
1693
def add_pipe(self, parent_pipe, proc):
1694
"""Dummy function; override as necessary"""
1695
raise NotImplementedError
1698
class IPv6_TCPServer(MultiprocessingMixInWithPipe,
1699
socketserver.TCPServer, object):
1700
"""IPv6-capable TCP server. Accepts 'None' as address and/or port
371
logger.debug(u"TCP connection from: %s",
372
unicode(self.client_address))
373
session = gnutls.connection.ClientSession(self.request,
377
#priority = ':'.join(("NONE", "+VERS-TLS1.1", "+AES-256-CBC",
378
# "+SHA1", "+COMP-NULL", "+CTYPE-OPENPGP",
380
priority = "SECURE256"
382
gnutls.library.functions.gnutls_priority_set_direct\
383
(session._c_object, priority, None);
387
except gnutls.errors.GNUTLSError, error:
388
logger.debug(u"Handshake failed: %s", error)
389
# Do not run session.bye() here: the session is not
390
# established. Just abandon the request.
393
fpr = fingerprint(peer_certificate(session))
394
except (TypeError, gnutls.errors.GNUTLSError), error:
395
logger.debug(u"Bad certificate: %s", error)
398
logger.debug(u"Fingerprint: %s", fpr)
400
for c in self.server.clients:
401
if c.fingerprint == fpr:
404
# Have to check if client.still_valid(), since it is possible
405
# that the client timed out while establishing the GnuTLS
407
if (not client) or (not client.still_valid()):
409
logger.debug(u"Client %(name)s is invalid",
412
logger.debug(u"Client not found for fingerprint: %s",
417
while sent_size < len(client.secret):
418
sent = session.send(client.secret[sent_size:])
419
logger.debug(u"Sent: %d, remaining: %d",
420
sent, len(client.secret)
421
- (sent_size + sent))
426
class IPv6_TCPServer(SocketServer.ForkingTCPServer, object):
427
"""IPv6 TCP server. Accepts 'None' as address and/or port.
1703
enabled: Boolean; whether this server is activated yet
1704
interface: None or a network interface name (string)
1705
use_ipv6: Boolean; to use IPv6 or not
429
options: Command line options
430
clients: Set() of Client objects
1707
def __init__(self, server_address, RequestHandlerClass,
1708
interface=None, use_ipv6=True):
1709
self.interface = interface
1711
self.address_family = socket.AF_INET6
1712
socketserver.TCPServer.__init__(self, server_address,
1713
RequestHandlerClass)
432
address_family = socket.AF_INET6
433
def __init__(self, *args, **kwargs):
434
if "options" in kwargs:
435
self.options = kwargs["options"]
436
del kwargs["options"]
437
if "clients" in kwargs:
438
self.clients = kwargs["clients"]
439
del kwargs["clients"]
440
return super(type(self), self).__init__(*args, **kwargs)
1714
441
def server_bind(self):
1715
442
"""This overrides the normal server_bind() function
1716
443
to bind to an interface if one was specified, and also NOT to
1717
444
bind to an address or port if they were not specified."""
1718
if self.interface is not None:
1719
if SO_BINDTODEVICE is None:
1720
logger.error("SO_BINDTODEVICE does not exist;"
1721
" cannot bind to interface %s",
1725
self.socket.setsockopt(socket.SOL_SOCKET,
1729
except socket.error as error:
1730
if error[0] == errno.EPERM:
1731
logger.error("No permission to"
1732
" bind to interface %s",
1734
elif error[0] == errno.ENOPROTOOPT:
1735
logger.error("SO_BINDTODEVICE not available;"
1736
" cannot bind to interface %s",
445
if self.options.interface:
446
if not hasattr(socket, "SO_BINDTODEVICE"):
447
# From /usr/include/asm-i486/socket.h
448
socket.SO_BINDTODEVICE = 25
450
self.socket.setsockopt(socket.SOL_SOCKET,
451
socket.SO_BINDTODEVICE,
452
self.options.interface)
453
except socket.error, error:
454
if error[0] == errno.EPERM:
455
logger.warning(u"No permission to"
456
u" bind to interface %s",
457
self.options.interface)
1740
460
# Only bind(2) the socket if we really need to.
1741
461
if self.server_address[0] or self.server_address[1]:
1742
462
if not self.server_address[0]:
1743
if self.address_family == socket.AF_INET6:
1744
any_address = "::" # in6addr_any
1746
any_address = socket.INADDR_ANY
1747
self.server_address = (any_address,
464
self.server_address = (in6addr_any,
1748
465
self.server_address[1])
1749
elif not self.server_address[1]:
466
elif self.server_address[1] is None:
1750
467
self.server_address = (self.server_address[0],
1752
# if self.interface:
1753
# self.server_address = (self.server_address[0],
1758
return socketserver.TCPServer.server_bind(self)
1761
class MandosServer(IPv6_TCPServer):
1765
clients: set of Client objects
1766
gnutls_priority GnuTLS priority string
1767
use_dbus: Boolean; to emit D-Bus signals or not
1769
Assumes a gobject.MainLoop event loop.
1771
def __init__(self, server_address, RequestHandlerClass,
1772
interface=None, use_ipv6=True, clients=None,
1773
gnutls_priority=None, use_dbus=True):
1774
self.enabled = False
1775
self.clients = clients
1776
if self.clients is None:
1778
self.use_dbus = use_dbus
1779
self.gnutls_priority = gnutls_priority
1780
IPv6_TCPServer.__init__(self, server_address,
1781
RequestHandlerClass,
1782
interface = interface,
1783
use_ipv6 = use_ipv6)
1784
def server_activate(self):
1786
return socketserver.TCPServer.server_activate(self)
1791
def add_pipe(self, parent_pipe, proc):
1792
# Call "handle_ipc" for both data and EOF events
1793
gobject.io_add_watch(parent_pipe.fileno(),
1794
gobject.IO_IN | gobject.IO_HUP,
1795
functools.partial(self.handle_ipc,
1800
def handle_ipc(self, source, condition, parent_pipe=None,
1801
proc = None, client_object=None):
1803
gobject.IO_IN: "IN", # There is data to read.
1804
gobject.IO_OUT: "OUT", # Data can be written (without
1806
gobject.IO_PRI: "PRI", # There is urgent data to read.
1807
gobject.IO_ERR: "ERR", # Error condition.
1808
gobject.IO_HUP: "HUP" # Hung up (the connection has been
1809
# broken, usually for pipes and
1812
conditions_string = ' | '.join(name
1814
condition_names.iteritems()
1815
if cond & condition)
1816
# error, or the other end of multiprocessing.Pipe has closed
1817
if condition & (gobject.IO_ERR | condition & gobject.IO_HUP):
1818
# Wait for other process to exit
1822
# Read a request from the child
1823
request = parent_pipe.recv()
1824
command = request[0]
1826
if command == 'init':
1828
address = request[2]
1830
for c in self.clients.itervalues():
1831
if c.fingerprint == fpr:
1835
logger.info("Client not found for fingerprint: %s, ad"
1836
"dress: %s", fpr, address)
1839
mandos_dbus_service.ClientNotFound(fpr,
1841
parent_pipe.send(False)
1844
gobject.io_add_watch(parent_pipe.fileno(),
1845
gobject.IO_IN | gobject.IO_HUP,
1846
functools.partial(self.handle_ipc,
1852
parent_pipe.send(True)
1853
# remove the old hook in favor of the new above hook on
1856
if command == 'funcall':
1857
funcname = request[1]
1861
parent_pipe.send(('data', getattr(client_object,
1865
if command == 'getattr':
1866
attrname = request[1]
1867
if callable(client_object.__getattribute__(attrname)):
1868
parent_pipe.send(('function',))
1870
parent_pipe.send(('data', client_object
1871
.__getattribute__(attrname)))
1873
if command == 'setattr':
1874
attrname = request[1]
1876
setattr(client_object, attrname, value)
469
return super(type(self), self).server_bind()
1881
472
def string_to_delta(interval):
1882
473
"""Parse a string and return a datetime.timedelta
1884
475
>>> string_to_delta('7d')
1885
476
datetime.timedelta(7)
1886
477
>>> string_to_delta('60s')
616
def killme(status = 0):
617
logger.debug("Stopping server with exit status %d", status)
619
if main_loop_started:
1947
##################################################################
1948
# Parsing of options, both command line and config file
1950
parser = argparse.ArgumentParser()
1951
parser.add_argument("-v", "--version", action="version",
1952
version = "%%(prog)s %s" % version,
1953
help="show version number and exit")
1954
parser.add_argument("-i", "--interface", metavar="IF",
1955
help="Bind to interface IF")
1956
parser.add_argument("-a", "--address",
1957
help="Address to listen for requests on")
1958
parser.add_argument("-p", "--port", type=int,
1959
help="Port number to receive requests on")
1960
parser.add_argument("--check", action="store_true",
1961
help="Run self-test")
1962
parser.add_argument("--debug", action="store_true",
1963
help="Debug mode; run in foreground and log"
1965
parser.add_argument("--debuglevel", metavar="LEVEL",
1966
help="Debug level for stdout output")
1967
parser.add_argument("--priority", help="GnuTLS"
1968
" priority string (see GnuTLS documentation)")
1969
parser.add_argument("--servicename",
1970
metavar="NAME", help="Zeroconf service name")
1971
parser.add_argument("--configdir",
1972
default="/etc/mandos", metavar="DIR",
1973
help="Directory to search for configuration"
1975
parser.add_argument("--no-dbus", action="store_false",
1976
dest="use_dbus", help="Do not provide D-Bus"
1977
" system bus interface")
1978
parser.add_argument("--no-ipv6", action="store_false",
1979
dest="use_ipv6", help="Do not use IPv6")
1980
parser.add_argument("--no-restore", action="store_false",
1981
dest="restore", help="Do not restore stored"
1983
parser.add_argument("--statedir", metavar="DIR",
1984
help="Directory to save/restore state in")
1986
options = parser.parse_args()
628
global main_loop_started
629
main_loop_started = False
631
parser = OptionParser()
632
parser.add_option("-i", "--interface", type="string",
633
default=None, metavar="IF",
634
help="Bind to interface IF")
635
parser.add_option("-a", "--address", type="string", default=None,
636
help="Address to listen for requests on")
637
parser.add_option("-p", "--port", type="int", default=None,
638
help="Port number to receive requests on")
639
parser.add_option("--timeout", type="string", # Parsed later
641
help="Amount of downtime allowed for clients")
642
parser.add_option("--interval", type="string", # Parsed later
644
help="How often to check that a client is up")
645
parser.add_option("--check", action="store_true", default=False,
646
help="Run self-test")
647
parser.add_option("--debug", action="store_true", default=False,
649
(options, args) = parser.parse_args()
1988
651
if options.check:
1990
653
doctest.testmod()
1993
# Default values for config file for server-global settings
1994
server_defaults = { "interface": "",
1999
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
2000
"servicename": "Mandos",
2005
"statedir": "/var/lib/mandos"
2008
# Parse config file for server-global settings
2009
server_config = configparser.SafeConfigParser(server_defaults)
2011
server_config.read(os.path.join(options.configdir,
2013
# Convert the SafeConfigParser object to a dict
2014
server_settings = server_config.defaults()
2015
# Use the appropriate methods on the non-string config options
2016
for option in ("debug", "use_dbus", "use_ipv6"):
2017
server_settings[option] = server_config.getboolean("DEFAULT",
2019
if server_settings["port"]:
2020
server_settings["port"] = server_config.getint("DEFAULT",
2024
# Override the settings from the config file with command line
2026
for option in ("interface", "address", "port", "debug",
2027
"priority", "servicename", "configdir",
2028
"use_dbus", "use_ipv6", "debuglevel", "restore",
2030
value = getattr(options, option)
2031
if value is not None:
2032
server_settings[option] = value
2034
# Force all strings to be unicode
2035
for option in server_settings.keys():
2036
if type(server_settings[option]) is str:
2037
server_settings[option] = unicode(server_settings[option])
2038
# Now we have our good server settings in "server_settings"
2040
##################################################################
2043
debug = server_settings["debug"]
2044
debuglevel = server_settings["debuglevel"]
2045
use_dbus = server_settings["use_dbus"]
2046
use_ipv6 = server_settings["use_ipv6"]
2047
stored_state_path = os.path.join(server_settings["statedir"],
2051
initlogger(logging.DEBUG)
2056
level = getattr(logging, debuglevel.upper())
2059
if server_settings["servicename"] != "Mandos":
2060
syslogger.setFormatter(logging.Formatter
2061
('Mandos (%s) [%%(process)d]:'
2062
' %%(levelname)s: %%(message)s'
2063
% server_settings["servicename"]))
2065
# Parse config file with clients
2066
client_defaults = { "timeout": "5m",
2067
"extended_timeout": "15m",
2069
"checker": "fping -q -- %%(host)s",
2071
"approval_delay": "0s",
2072
"approval_duration": "1s",
2074
client_config = configparser.SafeConfigParser(client_defaults)
2075
client_config.read(os.path.join(server_settings["configdir"],
2078
global mandos_dbus_service
2079
mandos_dbus_service = None
2081
tcp_server = MandosServer((server_settings["address"],
2082
server_settings["port"]),
2084
interface=(server_settings["interface"]
2088
server_settings["priority"],
2091
pidfilename = "/var/run/mandos.pid"
2093
pidfile = open(pidfilename, "w")
2095
logger.error("Could not open file %r", pidfilename)
2098
uid = pwd.getpwnam("_mandos").pw_uid
2099
gid = pwd.getpwnam("_mandos").pw_gid
2102
uid = pwd.getpwnam("mandos").pw_uid
2103
gid = pwd.getpwnam("mandos").pw_gid
2106
uid = pwd.getpwnam("nobody").pw_uid
2107
gid = pwd.getpwnam("nobody").pw_gid
2114
except OSError as error:
2115
if error[0] != errno.EPERM:
2119
# Enable all possible GnuTLS debugging
2121
# "Use a log level over 10 to enable all debugging options."
2123
gnutls.library.functions.gnutls_global_set_log_level(11)
2125
@gnutls.library.types.gnutls_log_func
2126
def debug_gnutls(level, string):
2127
logger.debug("GnuTLS: %s", string[:-1])
2129
(gnutls.library.functions
2130
.gnutls_global_set_log_function(debug_gnutls))
2132
# Redirect stdin so all checkers get /dev/null
2133
null = os.open(os.path.devnull, os.O_NOCTTY | os.O_RDWR)
2134
os.dup2(null, sys.stdin.fileno())
2138
# No console logging
2139
logger.removeHandler(console)
2141
# Need to fork before connecting to D-Bus
2143
# Close all input and output, do double fork, etc.
656
# Parse the time arguments
658
options.timeout = string_to_delta(options.timeout)
660
parser.error("option --timeout: Unparseable time")
662
options.interval = string_to_delta(options.interval)
664
parser.error("option --interval: Unparseable time")
667
defaults = { "checker": "fping -q -- %%(fqdn)s" }
668
client_config = ConfigParser.SafeConfigParser(defaults)
669
#client_config.readfp(open("global.conf"), "global.conf")
670
client_config.read("mandos-clients.conf")
2146
672
global main_loop
2147
675
# From the Avahi example code
2148
676
DBusGMainLoop(set_as_default=True )
2149
677
main_loop = gobject.MainLoop()
2150
678
bus = dbus.SystemBus()
679
server = dbus.Interface(
680
bus.get_object( avahi.DBUS_NAME, avahi.DBUS_PATH_SERVER ),
681
avahi.DBUS_INTERFACE_SERVER )
2151
682
# End of Avahi example code
2154
bus_name = dbus.service.BusName("se.recompile.Mandos",
2155
bus, do_not_queue=True)
2156
old_bus_name = (dbus.service.BusName
2157
("se.bsnet.fukt.Mandos", bus,
2159
except dbus.exceptions.NameExistsException as e:
2160
logger.error(unicode(e) + ", disabling D-Bus")
2162
server_settings["use_dbus"] = False
2163
tcp_server.use_dbus = False
2164
protocol = avahi.PROTO_INET6 if use_ipv6 else avahi.PROTO_INET
2165
service = AvahiServiceToSyslog(name =
2166
server_settings["servicename"],
2167
servicetype = "_mandos._tcp",
2168
protocol = protocol, bus = bus)
2169
if server_settings["interface"]:
2170
service.interface = (if_nametoindex
2171
(str(server_settings["interface"])))
2173
global multiprocessing_manager
2174
multiprocessing_manager = multiprocessing.Manager()
2176
client_class = Client
2178
client_class = functools.partial(ClientDBusTransitional,
2181
special_settings = {
2182
# Some settings need to be accessd by special methods;
2183
# booleans need .getboolean(), etc. Here is a list of them:
2184
"approved_by_default":
2186
client_config.getboolean(section, "approved_by_default"),
2189
client_config.getboolean(section, "enabled"),
2191
# Construct a new dict of client settings of this form:
2192
# { client_name: {setting_name: value, ...}, ...}
2193
# with exceptions for any special settings as defined above
2194
client_settings = dict((clientname,
2197
if setting not in special_settings
2198
else special_settings[setting]
2200
for setting, value in
2201
client_config.items(clientname)))
2202
for clientname in client_config.sections())
2204
old_client_settings = {}
2207
# Get client data and settings from last running state.
2208
if server_settings["restore"]:
2210
with open(stored_state_path, "rb") as stored_state:
2211
clients_data, old_client_settings = (pickle.load
2213
os.remove(stored_state_path)
2214
except IOError as e:
2215
logger.warning("Could not load persistent state: {0}"
2217
if e.errno != errno.ENOENT:
2220
with Crypto() as crypt:
2221
for client in clients_data:
2222
client_name = client["name"]
2224
# Decide which value to use after restoring saved state.
2225
# We have three different values: Old config file,
2226
# new config file, and saved state.
2227
# New config value takes precedence if it differs from old
2228
# config value, otherwise use saved state.
2229
for name, value in client_settings[client_name].items():
2231
# For each value in new config, check if it
2232
# differs from the old config value (Except for
2233
# the "secret" attribute)
2234
if (name != "secret" and
2235
value != old_client_settings[client_name]
2237
setattr(client, name, value)
2241
# Clients who has passed its expire date can still be
2242
# enabled if its last checker was sucessful. Clients
2243
# whose checker failed before we stored its state is
2244
# assumed to have failed all checkers during downtime.
2245
if client["enabled"] and client["last_checked_ok"]:
2246
if ((datetime.datetime.utcnow()
2247
- client["last_checked_ok"])
2248
> client["interval"]):
2249
if client["last_checker_status"] != 0:
2250
client["enabled"] = False
2252
client["expires"] = (datetime.datetime
2254
+ client["timeout"])
2256
client["changedstate"] = (multiprocessing_manager
2258
(multiprocessing_manager
2261
new_client = (ClientDBusTransitional.__new__
2262
(ClientDBusTransitional))
2263
tcp_server.clients[client_name] = new_client
2264
new_client.bus = bus
2265
for name, value in client.iteritems():
2266
setattr(new_client, name, value)
2267
client_object_name = unicode(client_name).translate(
2268
{ord("."): ord("_"),
2269
ord("-"): ord("_")})
2270
new_client.dbus_object_path = (dbus.ObjectPath
2272
+ client_object_name))
2273
DBusObjectWithProperties.__init__(new_client,
2278
tcp_server.clients[client_name] = (Client.__new__
2280
for name, value in client.iteritems():
2281
setattr(tcp_server.clients[client_name],
2285
tcp_server.clients[client_name].secret = (
2286
crypt.decrypt(tcp_server.clients[client_name]
2288
client_settings[client_name]
2291
# If decryption fails, we use secret from new settings
2292
tcp_server.clients[client_name].secret = (
2293
client_settings[client_name]["secret"])
2295
# Create/remove clients based on new changes made to config
2296
for clientname in set(old_client_settings) - set(client_settings):
2297
del tcp_server.clients[clientname]
2298
for clientname in set(client_settings) - set(old_client_settings):
2299
tcp_server.clients[clientname] = (client_class(name
2305
if not tcp_server.clients:
2306
logger.warning("No clients defined")
684
debug = options.debug
687
console = logging.StreamHandler()
688
# console.setLevel(logging.DEBUG)
689
console.setFormatter(logging.Formatter\
690
('%(levelname)s: %(message)s'))
691
logger.addHandler(console)
695
def remove_from_clients(client):
696
clients.remove(client)
698
logger.debug(u"No clients left, exiting")
701
clients.update(Set(Client(name=section, options=options,
702
stop_hook = remove_from_clients,
703
**(dict(client_config\
705
for section in client_config.sections()))
2312
pidfile.write(str(pid) + "\n".encode("utf-8"))
2315
logger.error("Could not write to file %r with PID %d",
2318
# "pidfile" was never created
2322
signal.signal(signal.SIGINT, signal.SIG_IGN)
2324
signal.signal(signal.SIGHUP, lambda signum, frame: sys.exit())
2325
signal.signal(signal.SIGTERM, lambda signum, frame: sys.exit())
2328
class MandosDBusService(dbus.service.Object):
2329
"""A D-Bus proxy object"""
2331
dbus.service.Object.__init__(self, bus, "/")
2332
_interface = "se.recompile.Mandos"
2334
@dbus.service.signal(_interface, signature="o")
2335
def ClientAdded(self, objpath):
2339
@dbus.service.signal(_interface, signature="ss")
2340
def ClientNotFound(self, fingerprint, address):
2344
@dbus.service.signal(_interface, signature="os")
2345
def ClientRemoved(self, objpath, name):
2349
@dbus.service.method(_interface, out_signature="ao")
2350
def GetAllClients(self):
2352
return dbus.Array(c.dbus_object_path
2354
tcp_server.clients.itervalues())
2356
@dbus.service.method(_interface,
2357
out_signature="a{oa{sv}}")
2358
def GetAllClientsWithProperties(self):
2360
return dbus.Dictionary(
2361
((c.dbus_object_path, c.GetAll(""))
2362
for c in tcp_server.clients.itervalues()),
2365
@dbus.service.method(_interface, in_signature="o")
2366
def RemoveClient(self, object_path):
2368
for c in tcp_server.clients.itervalues():
2369
if c.dbus_object_path == object_path:
2370
del tcp_server.clients[c.name]
2371
c.remove_from_connection()
2372
# Don't signal anything except ClientRemoved
2373
c.disable(quiet=True)
2375
self.ClientRemoved(object_path, c.name)
2377
raise KeyError(object_path)
2381
class MandosDBusServiceTransitional(MandosDBusService):
2382
__metaclass__ = AlternateDBusNamesMetaclass
2383
mandos_dbus_service = MandosDBusServiceTransitional()
2386
711
"Cleanup function; run on exit"
2389
multiprocessing.active_children()
2390
if not (tcp_server.clients or client_settings):
2393
# Store client before exiting. Secrets are encrypted with key
2394
# based on what config file has. If config file is
2395
# removed/edited, old secret will thus be unrecovable.
2397
with Crypto() as crypt:
2398
for client in tcp_server.clients.itervalues():
2399
key = client_settings[client.name]["secret"]
2400
client.encrypted_secret = crypt.encrypt(client.secret,
2404
# A list of attributes that will not be stored when
2406
exclude = set(("bus", "changedstate", "secret"))
2407
for name, typ in (inspect.getmembers
2408
(dbus.service.Object)):
2411
client_dict["encrypted_secret"] = (client
2413
for attr in client.client_structure:
2414
if attr not in exclude:
2415
client_dict[attr] = getattr(client, attr)
2417
clients.append(client_dict)
2418
del client_settings[client.name]["secret"]
2421
with os.fdopen(os.open(stored_state_path,
2422
os.O_CREAT|os.O_WRONLY|os.O_TRUNC,
2423
0600), "wb") as stored_state:
2424
pickle.dump((clients, client_settings), stored_state)
2425
except (IOError, OSError) as e:
2426
logger.warning("Could not save persistent state: {0}"
2428
if e.errno not in (errno.ENOENT, errno.EACCES):
2431
# Delete all clients, and settings from config
2432
while tcp_server.clients:
2433
name, client = tcp_server.clients.popitem()
2435
client.remove_from_connection()
2436
# Don't signal anything except ClientRemoved
2437
client.disable(quiet=True)
2440
mandos_dbus_service.ClientRemoved(client
2443
client_settings.clear()
2445
atexit.register(cleanup)
2447
for client in tcp_server.clients.itervalues():
2450
mandos_dbus_service.ClientAdded(client.dbus_object_path)
2451
# Need to initiate checking of clients
2453
client.init_checker()
2456
tcp_server.server_activate()
2458
# Find out what port we got
2459
service.port = tcp_server.socket.getsockname()[1]
2461
logger.info("Now listening on address %r, port %d,"
2462
" flowinfo %d, scope_id %d"
2463
% tcp_server.socket.getsockname())
2465
logger.info("Now listening on address %r, port %d"
2466
% tcp_server.socket.getsockname())
2468
#service.interface = tcp_server.socket.getsockname()[3]
2471
713
# From the Avahi example code
2474
except dbus.exceptions.DBusException as error:
2475
logger.critical("DBusException: %s", error)
714
if not group is None:
2478
717
# End of Avahi example code
2480
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
2481
lambda *args, **kwargs:
2482
(tcp_server.handle_request
2483
(*args[2:], **kwargs) or True))
720
client = clients.pop()
721
client.stop_hook = None
724
atexit.register(cleanup)
727
signal.signal(signal.SIGINT, signal.SIG_IGN)
728
signal.signal(signal.SIGHUP, lambda signum, frame: killme())
729
signal.signal(signal.SIGTERM, lambda signum, frame: killme())
731
for client in clients:
734
tcp_server = IPv6_TCPServer((options.address, options.port),
738
# Find out what random port we got
740
servicePort = tcp_server.socket.getsockname()[1]
741
logger.debug(u"Now listening on port %d", servicePort)
743
if options.interface is not None:
744
global serviceInterface
745
serviceInterface = if_nametoindex(options.interface)
747
# From the Avahi example code
748
server.connect_to_signal("StateChanged", server_state_changed)
750
server_state_changed(server.GetState())
751
except dbus.exceptions.DBusException, error:
752
logger.critical(u"DBusException: %s", error)
754
# End of Avahi example code
756
gobject.io_add_watch(tcp_server.fileno(), gobject.IO_IN,
757
lambda *args, **kwargs:
758
tcp_server.handle_request(*args[2:],
2485
761
logger.debug("Starting main loop")
762
main_loop_started = True
2487
except AvahiError as error:
2488
logger.critical("AvahiError: %s", error)
2491
764
except KeyboardInterrupt:
2493
print("", file=sys.stderr)
2494
logger.debug("Server received KeyboardInterrupt")
2495
logger.debug("Server exiting")
2496
# Must run before the D-Bus bus name gets deregistered
2500
770
if __name__ == '__main__':